CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-34242 |
Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of secrets (including certificates) and services across namespaces. An attacker on an affected cluster can leverage this issue to use cluster secrets that should not be visible to them, or communicate with services that they should not have access to. Gateway API functionality is disabled by default. This vulnerability is fixed in Cilium release 1.13.4. As a workaround, restrict the creation of `ReferenceGrant` resources to admin users by using Kubernetes RBAC.
CVSS: LOW (3.4) EPSS Score: 0.06%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34167 |
Description: Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34166 |
Description: Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to restart.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34163 |
Description: Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34162 |
Description: Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34161 |
Description: nappropriate authorization vulnerability in the SettingsProvider module.Successful exploitation of this vulnerability may cause features to perform abnormally.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34160 |
Description: Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34159 |
Description: Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to privilege escalation, which affects availability and confidentiality.
CVSS: LOW (0.0) EPSS Score: 0.2%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-34158 |
Description: Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 12th, 2024 (6 months ago)
|
|
CVE-2023-3315 |
Description: Missing permission checks in Jenkins Team Concert Plugin 2.4.1 and earlier allow attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 12th, 2024 (6 months ago)
|